Work in Progress: Note that this website is for an upcoming course and features including but not limited to assignments, dates and times, or session topics and order are generally subject to change.

CSC474 - Network Security #

This is the course website for the Fall 2025 offering of CSC 474 - Network Security at North Carolina State University (NC State).

This course introduces students to network security. Students will learn about network attacks and vulnerabilities as well as current defenses. Topics covered include cryptography, authentication protocols, firewalls, intrusion detection systems, routing and DNS security, communication privacy and anonymity, and wireless security.


Course Name	CSC 474 - Network Security
Semester	Fall 2025
Meeting Times	Tuesday, Thursday 4:30pm – 5:45pm
Meeting Location	02211 Textiles Complex
Format	In-person, recorded
Instructor	Dr. Dominik Wermke (Office hours)
Credits	3
Resources	Website (this site), …

Waitlist Full: CSC 474 reserves a set of seats for students in the cybersecurity concentration. If the waitlist is full, please keep checking over the coming weeks. Reserved seats will be gradually released by the university and filled from the waitlist, which also frees up additional spots on the waitlist (more info on CSC Restricted Electives).

Course Overview #

This introductory course will impart a broad understanding of the underpinnings of security techniques, security best practices, and security failures. Coverage of high-level concepts such as confidentiality, integrity, and availability applied to hardware, software, and data.

The course should help students to understand the mindsets of attackers (the bad guys and gals who do malicious things on the network) and system designers and defenders (the good guys and gals who try to stop the attackers).
The course should prepare students to understand and assess security threats, become familiar with security engineering best practices, and write better software, protocols, and systems.

Prerequisites:

CSC 230 or ECE 209, Computer Science Majors
Credit not allowed for both CSC 474 and CSC 574

Structure #

Past Iterations: I also taught this course in Spring 2025 and don’t intend to change the course structure significantly. Most of the content is publically accessible, feel free to have a look at the Spring 2025 course website to get a feel for the course.

This course meets in-person twice a week. Content is primarily delivered via lectures with integrated learning activities. Homework assignments provide written questions that apply knowledge taught in the classroom. The instructor will not take any formal attendance for class meetings. Participation will be assessed via the readings.

Grade Components:

45% – Exams consisting of:
- 15% Midterm 1
- 15% Midterm 2
- 15% Final or average of Midterm 1 and Midterm 2
30% – Weekly Exercises
20% – Homework
5% – Readings / Participation

Policy Overview:

Attendance: I don’t intend to track attendance for class meetings (but I reserve the right in case attendance drops below a sustainable level).
Late Assignments: homework / exercise / reading assignments may be submitted up to 48 hours after the deadline without penalty. After 48 hours, each additional 24 hour period will result in a final score reduction of 25%.
Extensions: Additional extensions may be granted on (email) request before the original deadline and for legitimate reasons like university-excused absence, illness, major research or project deadlines, conference attendance, etc.

Outcomes

By the end of this course, students will be able to:

Explain concepts related to applied cryptography, including plaintext, ciphertext, symmetric cryptography, asymmetric cryptography, digital signatures.
Outline the requirements and mechanisms for identification and authentication of users and computer systems, including authentication protocols and key management. Identify the possible threats to each mechanism and ways to protect against these threats.
Explain common network and Web vulnerabilities and attacks, defense mechanisms against these attacks, and cryptographic protection mechanisms.
Describe the methods and motivation of Internet malware, and explain existing defense mechanisms and their limitations.

Optional Materials #

The following books (available online) provide additional information but are not required for the course.

Paul C. Van Oorschot. Computer Security and the Internet: Tools and Jewels. Springer. 2020. Note: Author’s self-archived version is freely available.
Ross Anderson. Security Engineering, 2nd Edition. Wiley. April 2008.
Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press. October 1996.

Topics #

The major areas covered in CSC 474 - Network Security include:

Course Introduction
Security Fundamentals
Symmetric Cryptography
Hashes and MACs
Asymmetric Cryptography
Key Management
User Authentication
Authentication Protocols
Transport Layer Security
Net Background + TCP/IP Attacks
Malware
Firewalls and Tunnels
Intrusion Detection Systems
Routing Security
DNS Security
Wireless Security
Cloud Security
Web Security
Anonymity

Staff #

Dr. Dominik Wermke


Role	Instructor
Email	dwermke@ncsu.edu
Web	https://dwermke.com
Office Hours	online, by appointment (See office hours for booking URL)

TBA


Role	TA
Email	TBA
Office Hours	TBA

Office Hours #

Prof. Wermke’s online office appointments scheduled via Google Calender:

To be announced (feel free to send me an email if you have any questions before the semester officially starts).

Further Resources #

Further resources for wellbeing:

Overview at NC State’s “Academic and Student Affairs” website: https://dasa.ncsu.edu/support-and-advocacy/find-help/